Protecting Electronic Systems From Side-Channel Attacks

Countermeasures for inexpensive, non-intrusive, but very effective hacking.


During the early days of safecracking, rudimentary rotary locks were compromised by feel or sound to determine the correct combination. Following in this tradition, malicious actors are now exploiting side-channel attacks (SCA) to compromise cryptographic systems. All physical electronic systems routinely leak information about their internal computation through fluctuating levels of power consumption and electromagnetic emissions. Much like safecracking, electronic side-channel attacks eschew a brute-force approach to extracting keys and other secret information from a device or system.

Side-channel attacks conducted against electronic devices and systems are non-intrusive, relatively simple and inexpensive to execute. They comprise a wide range of techniques, including Differential Power Analysis (DPA), Simple Power Analysis (SPA), Simple Electromagnetic Analysis (SEMA), Differential Electromagnetic Analysis (DEMA), Correlation Power Analysis (CPA) and Correlation Electromagnetic Analysis (CEMA). Because all physical electronic systems routinely leak information, an effective layer of side-channel countermeasures should be implemented via hardware (DPA-resistant cores), software (DPA-resistant libraries) or both.

Countermeasures – including leakage reduction, noise introduction, obfuscation and the incorporation of randomness – are critical to ensuring the protection of sensitive keys and data. It should be noted that stand-alone noise introduction is incapable of sufficiently masking side-channel emissions. Indeed, DPA conducted against a device can effectively bypass stand-alone noise countermeasures, ultimately allowing the signal to be isolated. After layered countermeasures have been implemented, systems should be carefully evaluated with a Test Vector Leakage Assessment (TVLA) platform such as the Rambus DPA Workstation (DPAWS) to confirm the cessation of sensitive side-channel leakage.
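The claim that noise alone does not hide leakage, while added randomness does, can be checked with the Welch t-test that a fixed-vs-random TVLA relies on. The following is an added example, not code from the original article or from Rambus; the Hamming-weight leakage model, the noise level, the fixed byte 0x7E, the idealised masking and the trace counts are constructed assumptions, and 4.5 is the conventional TVLA threshold.

```python
import math
import random

TVLA_THRESHOLD = 4.5  # conventional |t| limit used in TVLA pass/fail decisions

def capture(n, fixed_input, noise_sigma, masked, rng):
    """Simulate n one-sample power traces (constructed model, not measured data).

    Leakage = Hamming weight of the processed byte + Gaussian noise.
    fixed_input=None draws a fresh random byte per trace (the "random" set).
    masked=True XORs the byte with a fresh random mask before it leaks.
    """
    traces = []
    for _ in range(n):
        value = rng.randrange(256) if fixed_input is None else fixed_input
        if masked:
            value ^= rng.randrange(256)
        traces.append(bin(value).count("1") + rng.gauss(0.0, noise_sigma))
    return traces

def welch_t(a, b):
    """Welch's t-statistic for two samples with unequal variances."""
    mean_a, mean_b = sum(a) / len(a), sum(b) / len(b)
    var_a = sum((x - mean_a) ** 2 for x in a) / (len(a) - 1)
    var_b = sum((x - mean_b) ** 2 for x in b) / (len(b) - 1)
    return (mean_a - mean_b) / math.sqrt(var_a / len(a) + var_b / len(b))

def tvla(n, noise_sigma, masked, seed=1):
    """Fixed-vs-random test; returns (t, leaks) for n traces per set."""
    rng = random.Random(seed)
    fixed_set = capture(n, 0x7E, noise_sigma, masked, rng)   # Hamming weight 6
    random_set = capture(n, None, noise_sigma, masked, rng)  # mean weight 4
    t = welch_t(fixed_set, random_set)
    return t, abs(t) > TVLA_THRESHOLD

if __name__ == "__main__":
    cases = [("noise only, 50 traces", 50, False),
             ("noise only, 40000 traces", 40000, False),
             ("noise + masking, 40000 traces", 40000, True)]
    for label, n, masked in cases:
        t, leaks = tvla(n, noise_sigma=20.0, masked=masked)
        print(f"{label:32s} t = {t:7.2f}  {'LEAK' if leaks else 'pass'}")
```

A pass at a low trace count only means too few traces were collected; the assessment is meaningful once the trace count matches what an evaluator expects an attacker to gather.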
